This is another new piece of malware under developement now, no doubt we will be hearing a bit more of this in the future. I will give you an update if and when I find out more about it. By PCWorld Staff Nov 27, 2014 A security researcher came across what appears to be a new family of point-of-sale malware that few antivirus programs were detecting.
Nick Hoffman, a reverse engineer, wrote the Getmypass malware shares traits that are similar to other so-called RAM scrapers, which collect unencrypted payment card data held in a payment system’s memory.
That type of malware has been responsible for large payment card breaches at Target, Neiman Marcus and others, capitalizing on a common weakness in systems that experts say can be fixed with more robust encryption of card details.
Hoffman wrote that Getmypass appears to still be under development. It does not, for example, yet have a command-and-control functionality, which is a way that hackers use to issue commands to the malware.
Full Article
An update on the earlier post.
Adam Greenberg, Reporter December 01, 2014
http://media.scmagazine.com/images/2014/03/21/windigo61_569599.jpg?format.jpg&zoom=1&quality=70&anchor=middlecenter&width=320&mode=pad
The presence of debug information in the malware and lack of any identifiable command-and-control capabilities has led researchers to believe that TSPY_POSLOGR.K is in a beta testing phase. Trend Micro has identified a new point-of-sale (POS) threat detected as TSPY_POSLOGR.K.
The presence of debug information in the malware, as well as the lack of any identifiable command-and-control capabilities, has led researchers to believe that TSPY_POSLOGR.K is in a beta testing phase, Christopher Budd, global threat communications manager with Trend Micro, told SCMagazine.com in a Monday email correspondence.
“As with all software it's hard to say when a 'beta' is finished and ready for 'production,'” Budd said. “In this case, at least, having the missing command-and-control components are key to it being a piece of production malware.”
Full Article
Adam Greenberg, Reporter December 01, 2014
http://media.scmagazine.com/images/2014/03/21/windigo61_569599.jpg?format.jpg&zoom=1&quality=70&anchor=middlecenter&width=320&mode=pad
The presence of debug information in the malware and lack of any identifiable command-and-control capabilities has led researchers to believe that TSPY_POSLOGR.K is in a beta testing phase. Trend Micro has identified a new point-of-sale (POS) threat detected as TSPY_POSLOGR.K.
The presence of debug information in the malware, as well as the lack of any identifiable command-and-control capabilities, has led researchers to believe that TSPY_POSLOGR.K is in a beta testing phase, Christopher Budd, global threat communications manager with Trend Micro, told SCMagazine.com in a Monday email correspondence.
“As with all software it's hard to say when a 'beta' is finished and ready for 'production,'” Budd said. “In this case, at least, having the missing command-and-control components are key to it being a piece of production malware.”
Full Article
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.